Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
File:                     zdCuQc2rVZhilkF4v-rjaElrB9c.mft (raw, json)
Hash identifier:          fiXGeo82BRpPm8UeNI2ENY4q/apGFKaGnLAxiJT9RX0=
Subject key identifier:   CC:C9:59:E5:A1:AB:A7:EA:7E:46:61:86:2F:53:B3:A3:E3:49:E2:9A
Authority key identifier: CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7
Certificate issuer:       /CN=cdd0ae41cdab559862964178bfeae368496b07d7
Certificate serial:       019684DA88BABD6A1F05222E41F996ED8CFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
Manifest number:          0BF6
Signing time:             Wed 30 Apr 2025 04:00:36 +0000
Manifest this update:     Wed 30 Apr 2025 04:00:36 +0000
Manifest next update:     Thu 01 May 2025 04:00:36 +0000
Files and hashes:         1: zdCuQc2rVZhilkF4v-rjaElrB9c.crl (hash: RTxRsqJKSvFgsZ+Lu3zB4x6EeNjQlTow8rD7r3C7gUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:da:88:ba:bd:6a:1f:05:22:2e:41:f9:96:ed:8c:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdd0ae41cdab559862964178bfeae368496b07d7
        Validity
            Not Before: Apr 30 04:00:36 2025 GMT
            Not After : May  1 04:00:36 2025 GMT
        Subject: CN=ccc959e5a1aba7ea7e4661862f53b3a3e349e29a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:42:d2:ff:8a:0e:f9:ed:7d:04:ef:f0:cf:00:
                    54:bf:e7:f9:6d:fa:43:02:bd:9e:9c:d6:77:4c:da:
                    f0:7f:14:ff:00:34:2f:2c:bd:c7:49:4c:2b:98:99:
                    d1:df:e8:58:d0:d0:db:8e:1d:05:ff:e1:63:1f:a9:
                    98:1c:32:90:25:b3:01:0a:d5:2a:59:2f:f0:e9:96:
                    53:b4:7d:c0:99:f6:88:92:e1:93:f2:dd:28:ed:28:
                    e4:04:3f:71:9f:ec:97:99:d4:77:4a:f7:0b:67:a6:
                    39:89:74:35:78:2e:78:38:d6:01:1d:db:d5:b6:82:
                    6b:3a:b5:5d:17:2e:6a:69:1b:7c:9b:a5:da:21:6c:
                    8e:1d:83:c2:7d:6c:fa:62:64:c9:24:1b:e8:8d:6a:
                    11:b9:0d:b4:61:c1:e0:67:9d:a3:3c:43:5a:46:ad:
                    8f:18:ae:85:f6:3d:e2:de:a6:c3:85:64:7d:d2:89:
                    58:80:5a:8f:71:79:40:d0:4e:b9:90:7f:fd:ea:c1:
                    d5:e4:f7:0a:b0:14:cd:bc:c2:23:0f:3c:86:a2:23:
                    61:87:23:2d:37:15:b2:10:b4:15:26:31:58:50:08:
                    86:fd:66:2d:a0:2d:39:2b:d2:b1:c0:81:e4:87:8e:
                    75:74:5d:e6:6f:a2:c0:f9:ca:a2:e1:1b:ea:6c:92:
                    77:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:C9:59:E5:A1:AB:A7:EA:7E:46:61:86:2F:53:B3:A3:E3:49:E2:9A
            X509v3 Authority Key Identifier:
                keyid:CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:5c:3b:56:13:0c:40:2b:63:22:a0:64:3b:77:ed:db:eb:73:
         60:af:a5:3f:bb:99:61:15:2f:2e:b5:72:f8:e6:c0:85:43:09:
         2b:d9:b1:12:a8:3f:38:1e:31:a0:62:c1:9b:41:27:0d:4a:96:
         ee:a1:6f:4e:23:28:ed:b9:3d:5f:4c:4a:e8:d2:0d:d5:0f:30:
         48:3f:c6:cf:7a:41:c0:27:46:44:b2:85:71:84:03:66:e9:9d:
         99:3b:e8:87:65:5a:f7:52:9a:8d:72:45:5b:89:46:d4:63:ac:
         7d:ca:87:58:a1:ff:24:ea:16:bf:08:03:4a:03:32:42:3a:37:
         49:cd:36:fc:18:18:70:63:01:99:4e:a4:07:1d:5d:0e:c4:d7:
         2e:5d:02:fb:ff:50:88:1a:01:8e:72:b9:44:bc:3f:1a:46:72:
         99:1c:3f:62:3c:fe:21:ac:b8:5a:cc:df:92:1b:f7:f4:e9:bb:
         76:cb:2c:78:95:2d:10:54:c5:4a:26:95:db:89:fd:9f:38:db:
         81:14:48:27:5c:01:82:82:af:cb:d4:4c:75:eb:5c:38:88:23:
         a3:fa:c4:f2:af:74:10:8a:0b:fb:51:2f:6b:d7:d3:c9:e4:42:
         33:ec:4a:1f:51:08:f9:ff:a8:f0:10:8f:bd:5e:65:61:8f:1d:
         c5:eb:c0:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaE2oi6vWofBSIuQfmW7Yz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZDBhZTQxY2RhYjU1OTg2Mjk2NDE3OGJmZWFlMzY4NDk2
YjA3ZDcwHhcNMjUwNDMwMDQwMDM2WhcNMjUwNTAxMDQwMDM2WjAzMTEwLwYDVQQD
EyhjY2M5NTllNWExYWJhN2VhN2U0NjYxODYyZjUzYjNhM2UzNDllMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40LS/4oO+e19BO/wzwBUv+f5bfpD
Ar2enNZ3TNrwfxT/ADQvLL3HSUwrmJnR3+hY0NDbjh0F/+FjH6mYHDKQJbMBCtUq
WS/w6ZZTtH3AmfaIkuGT8t0o7SjkBD9xn+yXmdR3SvcLZ6Y5iXQ1eC54ONYBHdvV
toJrOrVdFy5qaRt8m6XaIWyOHYPCfWz6YmTJJBvojWoRuQ20YcHgZ52jPENaRq2P
GK6F9j3i3qbDhWR90olYgFqPcXlA0E65kH/96sHV5PcKsBTNvMIjDzyGoiNhhyMt
NxWyELQVJjFYUAiG/WYtoC05K9KxwIHkh451dF3mb6LA+cqi4RvqbJJ3xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzJWeWhq6fqfkZhhi9Ts6PjSeKaMB8GA1UdIwQY
MBaAFM3QrkHNq1WYYpZBeL/q42hJawfXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEt
NDI4MzI0YTkyNDRlLzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEtNDI4MzI0YTkyNDRl
LzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkVw7VhMM
QCtjIqBkO3ft2+tzYK+lP7uZYRUvLrVy+ObAhUMJK9mxEqg/OB4xoGLBm0EnDUqW
7qFvTiMo7bk9X0xK6NIN1Q8wSD/Gz3pBwCdGRLKFcYQDZumdmTvoh2Va91KajXJF
W4lG1GOsfcqHWKH/JOoWvwgDSgMyQjo3Sc02/BgYcGMBmU6kBx1dDsTXLl0C+/9Q
iBoBjnK5RLw/GkZymRw/Yjz+Iay4Wszfkhv39Om7dssseJUtEFTFSiaV24n9nzjb
gRRIJ1wBgoKvy9RMdetcOIgjo/rE8q90EIoL+1Eva9fTyeRCM+xKH1EI+f+o8BCP
vV5lYY8dxevAYA==
-----END CERTIFICATE-----